diff --git a/README.md b/README.md index bbef443..0b0d5d7 100644 --- a/README.md +++ b/README.md @@ -69,6 +69,8 @@ export: # type: rsync # port: 22 # key: "/etc/backup-client/id_ed25519" + # Bandwidth limit for upload, 20mbit/s by default + bwlimit: 2500 # Settings to create a remote sftp user. Use this for restic sftp repos remote_sftp_user: diff --git a/defaults/main.yml b/defaults/main.yml index 116687f..77ee36e 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -28,6 +28,7 @@ backups: years: 3 export: destinations: [] + bwlimit: 2500 remote_sftp_user: name: backup host: ~ @@ -41,6 +42,7 @@ backups: '/tmp/*': true '/var/tmp/*': true '/var/cache/*': true + '/var/lib/php/sessions/*': true '/root/.ansible/*': true include_files: '/': true diff --git a/tasks/main.yml b/tasks/main.yml index 6cc3805..2ac9ec5 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,6 +2,7 @@ set_fact: backup_backend: "{% if backups.mode in ['standalone-restic', 'hypervisor-restic'] %}restic{% else %}False{% endif %}" backup_executor: "{% if backups.mode in ['vm-via-hypervisor'] %}False{% else %}True{% endif %}" + backup_restic_cache: "{% if backups.backends.restic.repo_type == 'local' %}False{% else %}True{% endif %}" - name: create config folder file: @@ -106,7 +107,7 @@ state: directory owner: root group: root - mode: 0700 + mode: 0711 - name: create a remote sftp user if enabled when: diff --git a/templates/backup-check.j2 b/templates/backup-check.j2 index 7f4a0bf..67f73bb 100755 --- a/templates/backup-check.j2 +++ b/templates/backup-check.j2 @@ -5,7 +5,8 @@ set -euo pipefail # restic backend source /etc/backup-client/restic.env -restic check --read-data --cleanup-cache +restic check --read-data \ + --cleanup-cache{% if not backup_restic_cache %} --no-cache{% endif %} {% endif %} diff --git a/templates/backup-export.j2 b/templates/backup-export.j2 index 3cffe8e..f8e40cf 100755 --- a/templates/backup-export.j2 +++ b/templates/backup-export.j2 @@ -10,7 +10,7 @@ echo "Starting to export backups..." {% if backups.backends.restic.repo_type == "local" %} {% for i in backups.export.destinations if i.type == "rsync" %} echo "exporting to {{ i.host }}" - rsync -h -r -a --append-verify --delete --stats -e "ssh -p {{ i.port|d(22) }} -i {{ i.key|d('/etc/backup-client/id_ed25519') }}" "${RESTIC_REPOSITORY}/" "{{ i.user }}@{{ i.host }}:{{ i.remotepath }}" + rsync -h -r -a --append-verify --delete --stats{%if backups.export.bwlimit %} --bwlimit={{ backups.export.bwlimit }}{% endif %} -e "ssh -p {{ i.port|d(22) }} -i {{ i.key|d('/etc/backup-client/id_ed25519') }}" "${RESTIC_REPOSITORY}/" "{{ i.user }}@{{ i.host }}:{{ i.remotepath }}" {% endfor %} {% else %} echo "Repo is not local. Skipped." diff --git a/templates/backup-retention.j2 b/templates/backup-retention.j2 index 478631d..3778e51 100755 --- a/templates/backup-retention.j2 +++ b/templates/backup-retention.j2 @@ -7,7 +7,7 @@ source /etc/backup-client/retention.env # restic backend source /etc/backup-client/restic.env restic forget \ - --cleanup-cache \ + --cleanup-cache {% if not backup_restic_cache %} --no-cache{% endif %} \ --verbose \ --prune \ --group-by "host,paths,tags" \ diff --git a/templates/backup-standalone.j2 b/templates/backup-standalone.j2 index fd1360e..20d1f43 100755 --- a/templates/backup-standalone.j2 +++ b/templates/backup-standalone.j2 @@ -8,6 +8,7 @@ test -f "/etc/backup-client/enabled" || { echo "Standalone backup is disabled"; source /etc/backup-client/restic.env restic backup \ + --cleanup-cache {% if not backup_restic_cache %} --no-cache{% endif %} \ --verbose \ --exclude-caches \ --one-file-system \ diff --git a/templates/backup-vm.j2 b/templates/backup-vm.j2 index a4575b5..9c6ed30 100755 --- a/templates/backup-vm.j2 +++ b/templates/backup-vm.j2 @@ -122,6 +122,7 @@ set -euo pipefail # restic backend source /etc/backup-client/restic.env restic backup \ + --cleanup-cache {% if not backup_restic_cache %} --no-cache{% endif %} \ --verbose \ --host "$DOMAIN" \ --exclude-file "/etc/backup-client/vms/$DOMAIN/exclude_files" \